SEC504: Hacker Tools, Techniques, and Incident Handling
SEC504Offensive Operations
LDR521: Security Culture for Leaders
LDR521Cybersecurity Leadership
- 5 Days (Instructor-Led)
- 30 Hours (Self-Paced)
Course created by:
Russell Eubanks & Lance Spitzner
Course created by:Russell Eubanks & Lance Spitzner
- 30 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Advanced Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 12 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Transform your organization’s cybersecurity by institutionalizing a strong security culture where leadership and workforce prioritize security in their everyday actions and initiatives.
Featured Quote
This content is helping bring back concepts that get forgotten when you go from a doer to a senior leadership role. It brought back good concepts and a way to utilize them in the Security Context as well as getting leadership to think differently.
Course Overview
The SANS LDR521: Security Culture for Leaders course teaches cybersecurity leaders how to build, measure, and sustain a strong cybersecurity culture across their organization. Through hands-on labs, real-world scenarios, and proven behavioral science frameworks, participants learn how to gain executive buy-in, engage the workforce, and integrate security into everyday business practices. This course is ideal for experienced security professionals looking to drive meaningful cultural change and elevate the impact of their security programs.
What You'll Learn
- Understand and quantify both organizational and security culture
- Identify and embed key elements of a strong security culture
- Build a practical framework to guide your security team
- Communicate the business value of security to gain executive buy-in
- Engage and motivate your workforce to adopt secure behaviors
- Simplify security processes to integrate them into daily work
- Improve the success of security initiatives with actionable strategies and tools
Business Takeaways
- Scale security impact beyond your immediate security team
- Embed security at the start of all business initiatives
- Gain critical executive leadership support for initiatives
- Create a workforce that naturally prioritizes security
- Increase success rates of all security programs
- Transform security teams into effective security advocates
- Reduce security team burnout through cultural alignment
Meet Your Authors
- Slide 1 of 2
Russell Eubanks
Principal InstructorRussell is a Principal Consultant and Co-Founder of Cyverity with extensive cybersecurity leadership experience. As former CIO and CISO of the Federal Reserve Bank of Atlanta, he brings real-world expertise to his role as SANS Principal Instructor.
Read more about Russell Eubanks - Slide 2 of 2
Lance Spitzner
Senior InstructorLance revolutionized cyber defense by founding the Honeynet Project. Over the past 25 years, he has helped 350+ organizations worldwide build resilient security cultures, transforming human risk management into a cornerstone of modern cybersecurity.
Read more about Lance Spitzner
Slide 1 of 0
(1/0)
Course Syllabus
Explore the course syllabus below to view the full range of topics covered in LDR521: Security Culture for Leaders.
Section 1Fundamentals of Organizational and Security Culture
Learn the foundations of security culture, how to map your organization's current culture, and build a roadmap to achieve the security culture you want. Apply proven organizational change models to drive cultural transformation.
Topics covered
- Human aspects of security
- Organizational and security culture assessment
- Future state definition and visioning
- Organizational change frameworks
- Enabling cultural change
Labs
- Map your organization's culture
- Survey your security culture
- Define desired security culture
- Action your security culture plan
Section 2Motivating Security Culture
Discover how to effectively engage and motivate your workforce to prioritize cybersecurity. Learn marketing models, persona development, and incentive programs that drive behavioral change across the organization.
Topics covered
- AI in security culture building
- Safety and motivation principles
- Marketing change effectively
- Creating security personas
- Incentivizing security behaviors
Labs
- Develop security personas
- Create marketing plan for DevSecOps
Section 3Enabling and Measuring Security Culture
Learn to overcome the "Curse of Knowledge" by making security simple for all employees. Develop effective training approaches, streamline policies, and implement metrics to track and demonstrate security culture impact.
Topics covered
- Addressing cognitive biases
- Building security knowledge
- Simplifying security processes
- Measuring cultural change
- Organizing metrics and driving action
Labs
- Craft learning objectives
- Build human sensor network
- Design security culture surveys
Section 4Engaging Leadership
Develop proficiency in getting executive support by speaking leadership's language. Learn to build compelling business cases, understand financial impacts, and effectively communicate security value to senior leadership.
Topics covered
- Creating business cases
- Understanding financial impacts
- Communicate clearly with your executives
- Demonstrating security ROI
- Developing a future-focused security vision
Labs
- Develop a clear Business Case
- Create an effective multi-year security budget
Section 5Capstone Workshop
Apply everything you've learned in a simulated environment to build a security culture at a fictional company. Teams compete to make strategic decisions that impact security outcomes, with the winning team earning the coveted LDR521 Challenge Coin.
Topics covered
- Strategic decision-making
- Real-world application
- Team collaboration
- Security leadership simulation
- Cybersecurity culture outcomes
Labs
- Cyber42 Leadership Simulation
Things You Need To Know
Relevant Job Roles
Cybersecurity Auditor
European Cybersecurity Skills FrameworkPerform cybersecurity audits on the organisation’s ecosystem. Ensuring compliance with statutory, regulatory, policy information, security requirements, industry standards and best practices.
Explore learning pathCybersecurity Curriculum Development (OPM 711)
NICE: Oversight and GovernanceResponsible for developing, planning, coordinating, and evaluating cybersecurity awareness, training, or education content, methods, and techniques based on instructional needs and requirements.
Explore learning pathCybersecurity Architect
European Cybersecurity Skills FrameworkPlans and designs security-by-design solutions (infrastructures, systems, assets, software, hardware and services) and cybersecurity controls.
Explore learning pathCyber Risk Officer
Cybersecurity LeadershipLead, govern, and manage this risk for your organization.
Explore learning pathCyber Threat Intelligence Specialist
European Cybersecurity Skills FrameworkCollect, process, analyse data and information to produce actionable intelligence reports and disseminate them to target stakeholders.
Explore learning pathSecure Project Management (OPM 802)
NICE: Oversight and GovernanceResponsible for overseeing and directly managing technology projects. Ensures cybersecurity is built into projects to protect the organization’s critical infrastructure and assets, reduce risk, and meet organizational goals. Tracks and communicates project status and demonstrates project value to the organization.
Explore learning pathSystems Security Management (OPM 722)
NICE: Oversight and GovernanceResponsible for managing the cybersecurity of a program, organization, system, or enclave.
Explore learning pathCommunications Security (COMSEC) Management (OPM 723)
NICE: Oversight and GovernanceResponsible for managing the Communications Security (COMSEC) resources of an organization.
Explore learning pathSenior Security Leader
Cybersecurity LeadershipDaily focus is on the leadership of technical teams. Includes titles such as Technical Director, Manager, and Team Lead.
Explore learning pathCybersecurity Risk Manager
European Cybersecurity Skills FrameworkManage the organisation's cybersecurity-related risks aligned to the organisation’s strategy. Develop, maintain and communicate the risk management processes and reports.
Explore learning pathMedia Exploitation Analyst
Digital Forensics and Incident ResponseThis expert applies digital forensic skills to a plethora of media that encompasses an investigation. If investigating computer crime excites you, and you want to make a career of recovering file systems that have been hacked, damaged or used in a crime, this may be the path for you. In this position, you will assist in the forensic examinations of computers and media from a variety of sources, in view of developing forensically sound evidence.
Explore learning pathCybersecurity Educator
European Cybersecurity Skills FrameworkImproves cybersecurity knowledge, skills and competencies of humans.
Explore learning pathProgram Management (OPM 801)
NICE: Oversight and GovernanceResponsible for leading, coordinating, and the overall success of a defined program. Includes communicating about the program and ensuring alignment with agency or organizational priorities.
Explore learning pathPenetration Tester
European Cybersecurity Skills FrameworkAssess the effectiveness of security controls, reveals and utilise cybersecurity vulnerabilities, assessing their criticality if exploited by threat actors.
Explore learning pathDigital Forensics Investigator
European Cybersecurity Skills FrameworkEnsure the cybercriminal investigation reveals all digital evidence to prove the malicious activity.
Explore learning pathCybersecurity Researcher
European Cybersecurity Skills FrameworkResearch the cybersecurity domain and incorporate results in cybersecurity solutions.
Explore learning pathChief Information Security Officer (CISO)
European Cybersecurity Skills FrameworkManages an organisation’s cybersecurity strategy and its implementation to ensure that digital systems, services and assets are adequately secure and protected.
Explore learning pathCybersecurity Workforce Management (OPM 751)
NICE: Oversight and GovernanceNICE Framework: Cybersecurity Workforce Management (OPM 751)
Explore learning pathExecutive Cybersecurity Leadership (OPM 901)
NICE: Oversight and GovernanceResponsible for establishing vision and direction for an organization's cybersecurity operations and resources and their impact on digital and physical spaces. Possesses authority to make and execute decisions that impact an organization broadly, including policy approval and stakeholder engagement.
Explore learning pathCybersecurity Implementer
European Cybersecurity Skills FrameworkDevelop, deploy and operate cybersecurity solutions (systems, assets, software, controls and services) on infrastructures and products.
Explore learning pathCourse Schedule & Pricing
Looking for Group Purchasing Options?Contact Us
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
Filter by:
Location & instructorDate & TimeCourse priceEnrollment options
- Location & instructor
Virtual (OnDemand)
Instructed by Russell EubanksDate & TimeOnDemand (Anytime)Self-Paced, 4 months accessCourse price$8,260 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Munich, DE
Instructed by Lance SpitznerDate & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxesEnrollment options - Location & instructor
Washington, DC, US & Virtual (live)
Instructed by John ScottDate & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Virginia Beach, VA, US & Virtual (live)
Instructed by Lance SpitznerDate & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxesEnrollment options - Location & instructor
Virginia Beach, VA, US & Virtual (live)
Date & TimeFetching schedule..View event detailsCourse price$8,260 USDEnrollment options - Location & instructor
Orlando, FL, US & Virtual (live)
Instructed by Lance SpitznerDate & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes - Location & instructor
Washington, DC, US & Virtual (live)
Instructed by Lance SpitznerDate & TimeFetching schedule..View event detailsCourse price$8,260 USD*Prices exclude applicable local taxes - Location & instructor
Virtual (live)
Instructed by John ScottDate & TimeFetching schedule..View event detailsCourse price€7,715 EUR*Prices exclude applicable local taxesEnrollment options
Showing 8 of 8
Learn Alongside Leading Cybersecurity Professionals From Around The World
- Slide 1 of 4Lance was fantastic! He made the course super engaging and covered all information thoroughly, making sure to draw in and leverage student experience to make the course richer.
- Slide 2 of 4I am just so happy with this material focusing on embedding secure values into our global culture - exactly what my company needs help with NOW.
- Slide 3 of 4Entertaining and thought provoking and helped me understand what actions I can take to change the culture of my company.
- Slide 4 of 4I love the way each lab built on previous topics covered culminating in the last day where we could apply everything we learnt. Everytime we did a lab they were well explained and at no time did i feel rushed, or like we had too much time to complete them.
Slide 1 of 0
(1/0)
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources